Preparing For Your First Cloud App

Posted by Rod Cope on February 10th, 2012 in Support, The Cloud

There’s a lot of confusion out there around the so-called “cloud app”. What is it, just another term for “SaaS”? Or does it refer to running your own application in a public cloud? As with many phrases that include the ubiquitous word “cloud”, it can mean just about anything. In the context of this post, “cloud app” refers to an application you’re running in a public cloud, such as Amazon AWS or Rackspace Cloud.

Before you put an application in a public cloud, ask yourself the following 4 cloud app preparation questions:

Which cloud is best for my use case?

IaaS providers give you nearly unlimited flexibility to run any software you like, but you’re responsible for system administration
PaaS providers typically restrict your access to software packages and versions, but remove most system administration duties
Consider that hybrid approaches and “Open PaaS” solutions can give you flexibility while reducing administration hassles

How do I handle security?

Top tier public cloud providers are experts at physical security in their data centers – don’t worry about this type of security
Data security: encrypt data going to and from your application (e.g., HTTPS) and encrypt data at rest in your data stores
Application security: test your application against the common OWASP web application vulnerabilities manually and with tools

Who will monitor my application?

If you choose an IaaS solution, consider monitoring tools like Nagios or Hyperic so you’ll be notified if something goes wrong
With a PaaS solution, your vendor will likely provide various levels of monitoring and alerting
Whichever type of cloud you choose, be sure to monitor the application (e.g., response times, slow queries) as well as the system (e.g., CPU, memory, network, and disk)
Finally, monitoring cloud costs is important because it can be very easy to run up your bill to unexpected levels if you’re auto scaling or running lots of tests, especially integration and load tests

Where do I get support for my stack?

If you deploy commercial software, you’ll need to carefully count license usage to be assured of getting vendor support. Some licensing agreements will limit you to a number of concurrent instances, which can change rapidly in a public cloud if you’re automatically scaling up and down to meet demand. Other components may have licenses tied to IP addresses. Still others may charge by the hour. This can get complicated quickly if you have a mix of software using different measurement criteria.
If you’re using open source tools, the license counting issues go away. However, you’ll need to find one or more vendors to help with development and 24×7 production support on all the critical components you’re deploying to the cloud.

After you’ve answered all these questions to your satisfaction, you’re ready to experiment with deploying your first cloud app. As with any new technology, I highly recommend you start small and grow from there. Choose a test application that is not mission critical. This is especially important while you’re getting up to speed with public clouds because your application may not yet be “designed for failure”. But that’s a topic for another post.